[Python-Dev] proposal: evaluated string
tomer filiba
tomerfiliba at gmail.com
Thu Apr 20 21:06:17 CEST 2006
>
> We've said "-1"
>
i don't mean to be rude, but only josiah strictly said -1. by you saying
"we",
i'd assume you -1'ed it as well, but you couldn't have expected me to know
that before
you said it. so i feel a little cornered here... is it my fault i don't
support quantom
superposition?
-tomer
On 4/20/06, Guido van Rossum <guido at python.org> wrote:
>
> Tomer, please stop. We've seen your proposal. We've said "-1". Please
> take it instead of wasting your time trying to argue for it.
>
> On 4/20/06, tomer filiba <tomerfiliba at gmail.com> wrote:
> >
> > > We already have a slew of templating utilities (see Cheetah for
> example).
> > >
> > first of all -- i know there's a bunch of templating engines, but i
> think it
> > should be a
> > built-in feature of the language. like boo does. and estr is stronger
> than
> > simple
> > $name substitution, like Template does.
> >
> >
> > > Be sure to stay aware of the security risks if the fill-in values are
> user
> > specified.
> > >
> > that's one major benefit of having it as a builtin type -- you dont have
> > security risks,
> > as the expression itself is embedded in your code, not something you get
> > from the
> > outside:
> >
> > name = raw_input("what's you name?")
> > print e"hello {name}"
> >
> > does not get the *expression* from the user, only the *values*, so
> unless
> > the user
> > causes a buffer overflow with a huge string, he can't run code. the estr
> > object is part
> > of *your* code, which you trust.
> >
> >
> > > If you need this, then consider using a third-party templating module.
> > >
> > that 50-liner estr class i presented does just that.
> >
> >
> > > Using the key twice is basic to templating (once of specify where to
> > > make the substitution and once to specify its value). This is no
> > > different from using variable names in regular code: a=1; ... ; b =
> > > a+2 # variable-a is used twice.
> > >
> > but when it's defined once as an argument to a function, once in the
> > template,
> > and once in the dict, that's three times, where it can be only two.
> >
> > def f(name):
> > print e"hello {name}"
> >
> >
> > > Also, the example is misleading because real-apps are substitute
> > > variables, not constants. IOW, the above code fragment is sematically
> > > equivalent to: print "hello john".
> >
> >
> > what do you mean by that?
> >
> >
> > > 3) it is less
> > > flexible than the class constructor which can be subclassed and
> > > extended as needed.
> > >
> > do you often subclass str? it's a built-in type, part of the language,
> > subclassing it doesnt
> > make much sense. after all it's the language compiler that instanciates
> > these types, i.e.,
> > when you do "hello", the compiler creates an instance of str() with that
> > value, not you
> > directly, and that's the case here.
> >
> >
> > -tomer
> >
> >
> > On 4/20/06, Raymond Hettinger <rhettinger at ewtllc.com> wrote:
> > >
> > > >
> > > >If you don't like the $name style of template markup and prefer
> > > >delimiters instead, then check-out the recipe at:
> > > >
> > > >
> > http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/3053
> > > >
> > > >
> > > The link should have been:
> > >
> > >
> > http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/305306
> > >
> > >
> > >
> > >
> >
> >
> > _______________________________________________
> > Python-Dev mailing list
> > Python-Dev at python.org
> > http://mail.python.org/mailman/listinfo/python-dev
> > Unsubscribe:
> > http://mail.python.org/mailman/options/python-dev/guido%40python.org
> >
> >
> >
>
>
> --
> --Guido van Rossum (home page: http://www.python.org/~guido/)
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/python-dev/attachments/20060420/c101ba18/attachment.html
More information about the Python-Dev
mailing list